[Buildroot] [PATCH 2/2] spice: security bump to version 0.14.1
Peter Korsgaard
peter at korsgaard.com
Wed Oct 24 12:24:14 UTC 2018
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes CVE-2018-10873: A vulnerability was discovered in SPICE before version
> 0.14.1 where the generated code used for demarshalling messages lacked
> sufficient bounds checks. A malicious client or server, after
> authentication, could send specially crafted messages to its peer which
> would result in a crash or, potentially, other impacts.
> Drop patches as they are now upstream.
> Add host-pkgconf as the configure script uses pkg-config. Drop removed
> --disable-automated-tests configure flag.
> Add optional opus support, as that is now supported and needs to be
> explicitly disabled to not use. Explicitly disable optional gstreamer
> support for now as the dependency tree is fairly complicated.
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2018.02.x and 2018.08.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list